ArubaOS and Controllers

Reply
Occasional Contributor II
tdeboard
Posts: 22
Registered: ‎04-09-2007

Changing VLANs on Controllers

We are working through a process to migrate from using the default VLAN 1 on our controllers and are starting to use VLAN 10 as our standard (in conjunction with upgrading the ArubaOS on all controllers). I am looking for an easy way to change the primary VLAN on the controller from 1 to 10 when we don't have physical or out-of-band access to it and where it only has a single connection back to the rest of the network. I have come up with a few different stategies that work, but they are rather complex and I was wondering if anyone has a simpler way to handle this? I want to re-use the same address that is currently assigned to VLAN 1 on VLAN 10 and shutdown VLAN 1 without losing access to the controller in the process. The procedure that I just tested out that worked involves changing the port that the controller connnects to on our network switch from a switched port to a routed port and back again, but this will only work on our newer switches that can support changing from a switched to a routed port. Any other ideas would be appreciated. The configuraiton that I just used is below for anyone else that may be looking to do this in the future.

Thank you,

Todd

==========

SSH to Aruba 2400 Controller (fastethernet 1/23 connects controller to the network):
config t
telnet cli
vlan 2
interface vlan 2
ip address 1.1.1.1 255.255.255.252
interface fastethernet 1/23
switchport access vlan 2
! connectivity lost to the controller

Telnet to network switch (Aruba controller on port g1/0/5):
config t
int g1/0/5
no switchport
ip address 1.1.1.2 255.255.255.252
end
! wait for spanning-tree to recalculate
telnet 1.1.1.1

Telnet to Aruba Controller:
config t
int vlan 1
no ip address
vlan 10
int vlan 10
ip address 10.1.1.5 255.255.255.0
interface fastethernet 1/23
switchport access vlan 10
! connectivity lost to the controller

Telnet to network switch:
config t
int g1/0/5
no ip address
switchport
switchport mode access
switchport access vlan 10
end
! wait for spanning-tree to recalculate

SSH to Aruba Controller:
config t
int vlan 1
shut
exit
int vlan 2
no ip address
exit
no int vlan 2
no vlan 2
no telnet cli
end
wr mem
Occasional Contributor II
meesick
Posts: 41
Registered: ‎09-07-2009

Loopback address

How about adding a loopback address on the controller?

Please correct me if I am wrong, if both ports are "switchport mode access", the vlan on the controller doesn't have to be on the same vlan on the switch.
Occasional Contributor II
tdeboard
Posts: 22
Registered: ‎04-09-2007

Re: Changing VLANs on Controllers

We do have loopback interfaces defined on the controllers, but this doesn't provide or enable access to the switch when the VLAN of the uplink port is changed. If we add the new VLAN 10 while VLAN 1 is still up, it needs to be in a different network than the VLAN 1 interface. If we add a loopback, it can be in the same network, but if we shutdown the VLAN 1 interface so that we can bring up VLAN 10 with the same IP as VLAN 1 was using, access to the controller via the loopback IP doesn't work.
Search Airheads